piCore-12.0beta1

[mortegai]

Hi Juanito
Another way to test if group  sshd  exists.

Change this:

Code: [Select]

        busybox groups sshd >/dev/null 2>&1
        [ $? -ne 0 ] && busybox addgroup -g 33 sshd
To this:

Code: [Select]

        touch /tmp/groups
        chown tc:sshd /tmp/groups >/dev/null 2>&1
        [ $? -ne 0 ] && busybox addgroup -g 33 sshd

Or just change to

Code: [Select]

        grep -q sshd /etc/group
        [ $? -ne 0 ] && busybox addgroup -g 33 sshd

[Rich]

Hi mortegai
If you are going to do that, search for an exact match:

Code: [Select]

grep -q '^sshd:' /etc/group

[Juanito]

But now, if the sshd user does not exist (initial/pristine situation) occurs error:
Privilege separation user sshd not exist
and sshd does not run.

sshd ran on startup for me in testing using the modified openssh init.d script, but I presume now that was influenced by the backup.

I don't know of a reason why an additional user named sshd would be necessary for sshd to work on piCore - things work on Core/CorePure64 without it.

I will have access to a screen in a couple of days time to be able to troubleshoot.

[Rich]

Hi Juanito
Seems this already came up in piCore-12.0alpha1:
http://forum.tinycorelinux.net/index.php/topic,24196.msg153179.html#msg153179

[Paul_123]

If you could interpret anything he said.....  lol.

groups sshd was a carry over from piCore 11   (and possibly 10)   Its just that Juanito and I were trying to commonize configs between x86_64 and piCore.  We started with busybox, which is why "groups" got dropped and highlighted this issue.

We just have to figure out right solution.....without doing a big re-invention.

[Paul_123]

Openssh issue caused from confusion from x86_64, and different folks building things.

I've updated armv6/7 and aarch64 to openssh8.4p1 and commonized the privilege separation configuration with x86_64, which uses the user "nobody" as the non-privileged user.  nobody is supplied as a standard user in the piCore image, so no need to check anything anymore.

[polikuo]

I'd like to remind all users here to fix, recreate and backup the file.
/usr/local/etc/ssh/sshd_config

The new openssh extension is recompiled with a different libexecdir.

At line 108, 109 we have

# override default of no subsystems
Subsystem       sftp    /usr/local/libexec/sftp-server

Replace that with the new route

Subsystem       sftp    /usr/local/lib/openssh/sftp-server

That should fix any quirky ftp functions / behaviors.

[polikuo]

Hi, a quick report. 

Please append gnutls.tcz to vte.tcz.dep (12.x/aarch64)

vte won't run without it.

[Juanito]

vte* deps adjusted - thanks for reporting this.